Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2025:15023

Опубликовано: 10 окт. 2025
Источник: rocky
Оценка: Moderate

Описание

Moderate: httpd security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.

Security Fix(es):

  • httpd: insufficient escaping of user-supplied data in mod_ssl (CVE-2024-47252)

  • httpd: mod_ssl: access control bypass by trusted clients is possible using TLS 1.3 session resumption (CVE-2025-23048)

  • httpd: HTTP Session Hijack via a TLS upgrade (CVE-2025-49812)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 9

НаименованиеАрхитектураРелизRPM
httpdx86_644.el9_6.4httpd-2.4.62-4.el9_6.4.x86_64.rpm
httpd-corex86_644.el9_6.4httpd-core-2.4.62-4.el9_6.4.x86_64.rpm
httpd-develx86_644.el9_6.4httpd-devel-2.4.62-4.el9_6.4.x86_64.rpm
httpd-filesystemnoarch4.el9_6.4httpd-filesystem-2.4.62-4.el9_6.4.noarch.rpm
httpd-filesystemnoarch4.el9_6.4httpd-filesystem-2.4.62-4.el9_6.4.noarch.rpm
httpd-filesystemnoarch4.el9_6.4httpd-filesystem-2.4.62-4.el9_6.4.noarch.rpm
httpd-filesystemnoarch4.el9_6.4httpd-filesystem-2.4.62-4.el9_6.4.noarch.rpm
httpd-manualnoarch4.el9_6.4httpd-manual-2.4.62-4.el9_6.4.noarch.rpm
httpd-manualnoarch4.el9_6.4httpd-manual-2.4.62-4.el9_6.4.noarch.rpm
httpd-manualnoarch4.el9_6.4httpd-manual-2.4.62-4.el9_6.4.noarch.rpm

Показывать по

Связанные CVE

CVE-2024-47252
CVE-2025-23048
CVE-2025-49812

Ссылки на источники

Исправления

Связанные уязвимости

rocky логотип

RLSA-2025:15095

rocky
3 месяца назад

Moderate: httpd security update

oracle-oval логотип

ELSA-2025-15095

oracle-oval
4 месяца назад

ELSA-2025-15095: httpd security update (MODERATE)

oracle-oval логотип

ELSA-2025-15023

oracle-oval
4 месяца назад

ELSA-2025-15023: httpd security update (MODERATE)

rocky логотип

RLSA-2025:15123

rocky
3 месяца назад

Moderate: httpd:2.4 security update

oracle-oval логотип

ELSA-2025-15123

oracle-oval
4 месяца назад

ELSA-2025-15123: httpd:2.4 security update (MODERATE)